Connecting...

W1siziisijiwmtgvmtivmtmvmdkvmjuvntavmziyl2ljdc5qcgcixsxbinailcj0ahvtyiisijiwmdb4nzawiyjdxq
Job

Cyber Security Analyst - SOC

  • Job ref:

    1174685/001_1657794701

  • Location:

    Bristol, England

  • Sector:

    ICT

  • Job type:

    Contract

  • Salary:

    £50 - £60 per hour

  • Contact:

    Tom McParland

  • Email:

    tmcparland@cbsbutler.com

  • Published:

    3 months ago

  • Duration:

    12 Months

  • Start date:

    ASAP

  • Consultant:

    #

Cyber Security Analyst

Based in Bristol

£50 - £60 per hour

Shift Work

SC Cleared

JOB DESCRIPTION

We're looking for a Cyber Security Analyst to join the Protective Monitoring Team. The team delivers specialist technical cyber security services to a range of clients across a variety of industries including construction, government, defence and aerospace.

Key Responsibility Areas:

  • Provide monitoring, alerting and incident handling services within the SOC in line with SLAs and within the 24/7/365 shift pattern

  • Act as the initial analytical reference point for identifying and then quantifying the nature and extent of security incident and offer initial professional advice relating to possible business impact in order to reduce both the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)

  • Advise on incident containment measures through recommended initial actions to customers in collaboration with the Incident Response (IR) Team

  • Provide advice relating to potential mitigation measures in order to prevent, or limit future reoccurrence in collaboration with the Incident Response (IR) Team

  • Have an understanding of Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors

  • Have a collaborative working ethos in order to work across the team in order to create pertinent Playbooks, Use Cases ,etc

  • Perform proactive analysis across client networks by staying abreast of current threats and trends

  • Develop and maintain a credible knowledge of current and emerging threats likely to affect the Integrity of the managed service you are protecting.

  • Review reoccurring false positive firings and assist in the tuning of SIEM and IDS rules to reduce false positives and maintain good security alerting.

  • Ensure all operational incidents, on-going tickets and relevant information is handed over to the oncoming shift in an effective and efficient manner, using the shift handover process and documentation (HOTO)

  • When required assist in the creation of reporting for management and clients on security incidents and threat intelligence trends.

Skills, Qualifications & Knowledge Required:

  • Experience in Cyber Security, e.g. Protective Monitoring, Incident Response, Security Engineering

  • SIEM (LogRhythm, Arcsight, Splunk, etc) & IDS (Snort) experience

  • Have a sound knowledge of IT security best practice, common attack types & detection / prevention methods

  • Demonstrate experience of analysing & interpreting system, security & application logs in order to diagnose faults & spot abnormal behaviours

  • Have great organisational skills & attention to detail

  • Due to the nature of the tasks involved, you must be capable of achieving full SC security clearance

  • Ability to work independently & as part of a team

  • Highly motivated, with the aptitude to learn new skills

  • Ability to work within a shift pattern covering 24/7/365 operations

  • Occasional travel may be required

  • Potential to provide temporary cover to NCIRC as required (travel to Mons may be required)